Project: Litman v. Goldberg — Evidence Acquisition Framework
Prepared: April 2, 2026
Purpose: Document legal basis for all data collection methods used in this project
This project collects data from four categories of sources to build litigation evidence for NY Civil Rights Law SS 50-51 claims. This memo documents the legal basis, authorization chain, and risk assessment for each source.
Source: api.uspto.gov (Patent File Wrapper API)
Method: Authenticated REST API with issued API key (X-API-Key header)
Data Collected: IFW document lists, POA PDFs, IFEE PDFs, patent front pages
Legal Basis: - USPTO data is public record under 35 U.S.C. SS 122(b) (published applications) and 37 C.F.R. SS 1.11 (public availability of patents) - API access is explicitly authorized via USPTO's developer portal (api.uspto.gov); API key obtained through legitimate registration - No Terms of Service violation: USPTO encourages programmatic access via its official API - No CFAA exposure: Access is authorized (API key issued by USPTO), through public-facing endpoints, with no bypass of technical controls
CFAA Analysis (18 U.S.C. SS 1030): - Authorization: Explicit (API key granted by data owner) - Technical controls bypassed: None - Authenticated areas: API requires key for rate limiting, not access restriction - hiQ Labs v. LinkedIn applicability: Not needed; access is explicitly authorized, not merely public scraping
Risk Level: NONE
Source: web.archive.org (Wayback Machine CDX API + archived pages)
Method: CDX API queries for nathlaw.com captures; manual browser screenshots
Data Collected: Website snapshots showing Litman listed as "PATENT ATTORNEY"
Legal Basis: - Internet Archive is a public, non-profit digital library (archive.org) - CDX API is a public API requiring no authentication - Archived web pages are publicly accessible — no login, no paywall - Manual browser captures of public pages do not implicate CFAA - No robots.txt bypass: CDX API is intended for programmatic access
CFAA Analysis: - Authorization: Public API, no authentication required - Technical controls bypassed: None (403 errors from rate limiting respected; manual capture used instead) - Content type: Public web page snapshots
Copyright Consideration: Captures are used as evidence of what appeared on a public website at a specific time. Fair use applies under 17 U.S.C. SS 107 (litigation purpose, factual content, no market harm).
Risk Level: NONE
Source: Gmail API (rclitman@gmail.com, richielitman@gmail.com) + Apple Mail exports
Method: OAuth2 authentication via Gmail API; local Apple Mail export
Data Collected: Email metadata, bodies, attachments (financial records, correspondence)
Legal Basis: - Account owner authorization: Richard C. Litman (plaintiff) authorized access to his own email accounts - Gmail API access uses OAuth2 consent flow — account owner explicitly granted permissions - Apple Mail exports are from locally stored emails on authorized devices - No third-party email accounts accessed without authorization - Stored Communications Act (18 U.S.C. SS 2701): Not implicated — access by account holder or authorized agent
Authorization Chain: 1. Richard C. Litman (account owner) authorized Michael Litman (nephew) to assist with case 2. Michael Litman operates under direction of retained counsel 3. Gmail OAuth2 tokens obtained through standard consent flow 4. Apple Mail accessed on Richard Litman's own devices
Privacy Considerations (NY): - NY does not have a comprehensive consumer privacy statute (as of 2026) - Communications involve business correspondence, not personal health/financial data of third parties - Attorney-client privilege preserved: emails between Litman and his counsel excluded from production
Risk Level: NONE (authorized access by account owner)
Source: Richard Litman's iCloud Photos library
Method: Direct access to photos on authorized device
Data Collected: Screenshots of text messages, emails, patent pages, financial documents (283 photos)
Legal Basis: - Photos are from Richard Litman's own device and iCloud account - No third-party accounts accessed - Text message screenshots: Litman is a party to all conversations captured - One-party consent: NY is a one-party consent state for recording (NY Penal Law SS 250.00) — Litman, as a party to the conversations, may record/capture them
Risk Level: NONE
Source: patents.google.com (public), PatentsView API (retired)
Method: Public web searches; API queries (PatentsView returned 410 Gone as of 2026)
Data Collected: Patent metadata, attorney-of-record fields, assignee information
Legal Basis: - Google Patents is a public search engine for patent data — no authentication required - PatentsView was a public API operated by USPTO/USTPO — no authentication required - All patent data is public record under federal law
Risk Level: NONE
Source: iapps.courts.state.ny.us/nyscef (New York State Courts Electronic Filing)
Method: Manual download of publicly filed court documents
Data Collected: Pleadings, motions, orders, scheduling documents
Legal Basis: - Court filings are public records under NY Judiciary Law SS 255 - NYSCEF is the official electronic filing system — public access is its purpose - No authentication bypass: documents accessed through standard public interface - Party to the case: Litman is the plaintiff — full access to own case docket
Risk Level: NONE
| Source | Auth Type | Public Data | Controls Bypassed | Risk |
|---|---|---|---|---|
| USPTO API | API Key (issued) | Yes | None | None |
| Wayback Machine | Public (no auth) | Yes | None | None |
| Gmail | OAuth2 (owner consent) | No | None | None |
| Apple Mail | Local device | No | None | None |
| iCloud Photos | Owner device | No | None | None |
| Google Patents | Public (no auth) | Yes | None | None |
| NYSCEF | Public (no auth) | Yes | None | None |
Conclusion: All data sources are accessed either through (a) explicit authorization by the data owner (USPTO API key, Gmail OAuth2, account owner consent) or (b) publicly available data requiring no authentication. No technical controls are bypassed. CFAA exposure is zero.
Every data source used in this project falls within established legal boundaries: - Public records accessed through official channels - Authorized private data accessed with account owner consent - No CFAA exposure — all access explicitly authorized or public - Evidence preservation follows forensic best practices (hash verification, chain of custody, three-layer separation)
This methodology is defensible under cross-examination and meets the standard for litigation-grade evidence acquisition.